Want to turn a scaled vector graphic into a multicolor 3D print, like a sign? You’ll want to check out [erkannt]’s svg2solid, a web-based tool that reads an SVG and breaks the shapes up by color into individual STL files. Drag those into your slicer (treating them as a single object with multiple parts) and you’re off to the races.
This sign was printed face-down on a textured build plate. The colors only need to be a few layers deep.
This is especially handy for making 3D printed versions of things like signs, and shown here is an example of exactly that.

It’s true that most 3D printer software supports the .svg format natively nowadays, but that doesn’t mean a tool like this is obsolete. SVG is a 2D format with no depth information, so upon import the slicer assigns a arbitrary height to all imported elements and the user must make any desired adjustments manually. For example, a handy tip for making signs is to make the “background” as thick as desired but limit colored elements to just a few layers deep. Doing so minimizes filament switching while having no impact on final visual appearance.

Being able to drag SVGs directly into the slicer is very handy, but working with 3D models has a certain “what you see is what you get” element to it that can make experimentation or alternate applications a little easier. Since svg2solid turns an SVG into discrete 3D models (separated by color) and each with user-defined heights, if you find yourself needing that then this straightforward tool is worth having in your bookmarks. Or just go straight to the GitHub repository and grab your own copy.

On the other hand, if you prefer your 3D-printed signs to be lit up in a faux-neon style then here’s how to do that in no time at all. Maybe there’s a way to mix the two approaches? If you do, be sure to use our tips line to let us know!

hackaday.com/2025/05/28/tool-t…

Delle vulnerabilità critiche all’interno di XenServer VM Tools per Windows permettono ai malintenzionati di eseguire codice arbitrario e di aumentare i privilegi nei sistemi operativi guest. Le vulnerabilità sono state divulgate pubblicamente nell’ambito dell’Xen Security Advisory, sollecitando l’immediata azione degli amministratori delle piattaforme di virtualizzazione in tutto il mondo.

Tali bug derivano da autorizzazioni eccessive sui dispositivi esposti dall’utente all’interno dei driver PV di Windows, e colpiscono in particolare tre componenti principali: XenCons, XenIface e XenBus. I difetti, sono identificati con gli identificativi CVE-2025-27462, CVE-2025-27463 e CVE-2025-27464, ed interessano tutte le versioni di XenServer VM Tools per Windows precedenti alla 9.4.1.

Queste falle di sicurezza rappresentano un rischio significativo per gli ambienti aziendali che eseguono macchine virtuali Windows su piattaforme XenServer e Citrix Hypervisor. La vulnerabilità del driver XenCons (CVE-2025-27462) è stata introdotta per la prima volta nella versione 9.0.0 ed è rimasta vulnerabile sin dal suo rilascio iniziale. Invece i driver XenIface (CVE-2025-27463) e XenBus (CVE-2025-27464) sono vulnerabili in tutte le versioni, il che rende questo un problema diffuso che interessa numerose distribuzioni aziendali.

Nello specifico, sono vulnerabili le versioni di XCP-ng PV Bus, XCP-ng Interface e XCP-ng PV Console precedenti alla 9.0.9065, mentre sono a rischio anche le versioni di XenServer/Citrix PV Bus precedenti alla 9.1.11.115 e le versioni di PV Interface precedenti alla 9.1.12.94.

Le vulnerabilità consentono agli utenti senza privilegi all’interno dei sistemi operativi guest Windows di elevare i privilegi a quelli del kernel guest. Ciò rappresenta una violazione critica della sicurezza, poiché gli aggressori con accesso limitato possono ottenere il controllo completo sulla macchina virtuale interessata.

Citrix e XenServer hanno rilasciato XenServer VM Tools per Windows versione 9.4.1 per risolvere queste vulnerabilità. Gli strumenti aggiornati contengono versioni specifiche dei componenti, tra cui xenbus 9.1.11.115, xeniface 9.1.12.94 e altri driver con patch.

Anche lo CSIRT dell’Agenzia per la Cybersicurezza nazionale ha emesso un avviso specifico su queste vulnerabilità.

L'articolo I bug su XenServer VM Tools permettono di eseguire codice arbitrario proviene da il blog della sicurezza informatica.

Gli sviluppatori di Tor hanno annunciato un nuovo strumento da riga di comando, Oniux, progettato per instradare in modo sicuro qualsiasi applicazione Linux attraverso la rete Tor per rendere anonime le connessioni di rete. A differenza dei metodi classici, Oniux utilizza gli spazi dei nomi Linux per creare un ambiente di rete completamente isolato per ogni applicazione, impedendo la fuga di dati anche se l’applicazione è dannosa o non configurata correttamente.

Gli spazi dei nomi di Linux sono una funzionalità del kernel che consente l’esecuzione dei processi in ambienti isolati, ognuno con la propria visualizzazione di risorse di sistema specifiche, come reti e processi. Oniux utilizza gli spazi dei nomi per isolare le applicazioni a livello del kernel, forzando tutto il loro traffico attraverso Tor.

“Siamo lieti di presentare Oniux: una piccola utility da riga di comando che fornisce isolamento di rete tramite Tor per applicazioni di terze parti che utilizzano namespace Linux”, hanno affermato gli sviluppatori in una nota. Oniux colloca qualsiasi programma Linux nel proprio namespace di rete per instradarlo tramite Tor ed eliminare la possibilità di perdite di dati.

Questo effetto si ottiene posizionando ogni applicazione nel proprio namespace di rete, senza accesso alle interfacce host, ma utilizzando invece un’interfaccia virtuale (onion0) che esegue il routing attraverso Tor utilizzando onionmasq. Inoltre, lo strumento utilizza namespace di montaggio per iniettare il proprio /etc/resolv.conf per un utilizzo sicuro del DNS Tor, nonché namespace utente/PID per impostare in modo sicuro un ambiente con privilegi minimi. Ciò consente a Tor di essere protetto da perdite e di essere isolato nel kernel per qualsiasi applicazione Linux.

Gli sviluppatori spiegano che, a differenza di Oniux, Torsocks funziona utilizzando LD_PRELOAD e intercettando le chiamate alle funzioni di rete nelle applicazioni Linux collegate dinamicamente e reindirizzandole tramite un proxy Tor SOCKS. Il problema con questo approccio è che le chiamate di sistema non elaborate non vengono intercettate da Torsocks e il malware potrebbe non utilizzare le funzioni libc, il che può causare perdite.

Nonostante gli evidenti vantaggi di Oniux, va sottolineato che si tratta di un progetto sperimentale che non è ancora stato sottoposto a test approfonditi in condizioni e scenari diversi. Per questo motivo, lo strumento potrebbe non funzionare correttamente e non è consigliato per l’uso in operazioni mission-critical.

Il progetto Tor ha già pubblicato il codice sorgente di Oniux e consiglia a chiunque voglia provarlo di assicurarsi prima che Rust sia installato nella propria distribuzione.

L'articolo Oniux: Il Nuovo Strumento Tor che Isola le App Linux e Blocca la Fuga di Dati proviene da il blog della sicurezza informatica.

Today we’re going to make a little digression from things that we do to look at perhaps why we do the things that we do. This one is philosophical folks, so strap yourselves in. We’ve had an interesting item arrive on the tips line from [Bunchabits] who wanted to let us know about a video, Love Letter to Embedded Systems, from [V. Hunter Adams].

[V. Hunter Adams] is Lecturer of Electrical Engineering at Cornell University and is on the web over here: vanhunteradams.com

In this forty three minute video [Hunter] makes an attempt to explain why he loves engineering, generally, and why he loves embedded systems engineering, specifically. He tries to answer why you should love engineering projects, what makes such projects special, and how you can get started on projects of your own. He discusses his particular interest in other unrelated subjects such as birds and birdsong, and talks a little about the genius of polymath Leonardo da Vinci.

He goes on to explain that engineering can be the vehicle to learn about other fields of endeavor, that the constraints in embedded systems are like the constraints of poetry, that embedded systems are the right level of complexity where you can still hold the details of a complete system in your head, and that embedded systems let you integrate with the physical world through sensors and actuators leading to a greater appreciation of physics and nature.

In his submission to the tips line [Bunchabits] said that [Hunter] was a communicator in the league of Carl Sagan and that he could do for embedded systems what Sagan did for physics and astronomy. Having watched this presentation we are inclined to agree. He is a thoughtful person and a cogent communicator.

If today’s philosophical digression has left you feeling… philosophical, then you might enjoy a little nostalgia, too. Here’s some old philosophical material that we covered here on Hackaday back in 2013 which held some interest: Hacking And Philosophy: An Introduction; The Mentor’s Manifesto; Hacker Crackdown: Part 1, Part II, Part III, Part IV; Future Tech And Upgrading Your Brain; and Surveillance State. All still as relevant today as it was over a decade ago.

Thanks to [Bunchabits] for sending this one in.

youtube.com/embed/-TFsfcIx04Q?…

hackaday.com/2025/05/28/a-love…

Some people really want a minimalist setup for their computing. In spite of his potentially worrisome housing situation, this was a priority for the man behind [Basically Homeless]: clean lines on the desk. Where does the PC go? You could get an all-in-one, sure, but those use laptop hardware and he wanted the good stuff. So he decided to hide the PC in the one place no one would ever think to look: inside his chair. (Youtube video, embedded below.)

This chair has very respectable specs: a Ryzen 7 9800XD, 64GB of ram and a RTX 4060 GPU, but you’d never know it. The secret is using 50 mm aluminum standoffs between the wooden base of the seat and the chair hardware to create room for low-profile everything. (The GPU is obviously lying sideways and connected with a PCIe riser cable, but even still, it needed a low-profile GPU.) This assemblage is further hidden 3D printed case that makes the fancy chair donated from [Basically Homeless]’s sponsor look basically stock, except for the cables coming out of it. It’s a very niche project, but if you happen to have the right chair, he does provide STLs on the free tier of his Patreon.

This is the first time we’ve seen a chair PC, but desk PCs are something we’ve covered more than once, so there’s obviously a demand to hide the electronics. It remains to be seen if hiding a PC in a chair will catch on, but if nothing else [Basically Homeless] will have a nice heated seat for winter. To bring this project to the next level of minimalism, we might suggest chording keyboards in the armrests, and perhaps a VR headset instead of a monitor.

youtube.com/embed/Acivh3w3QA8?…

hackaday.com/2025/05/28/invisi…

A letter by Sen. Ron Wyden about surveillance of senators’ phone lines has an important lesson for journalists, too: Be careful in selecting your phone carrier.

On May 21, Wyden wrote his Senate colleagues revealing which wireless carriers inform customers about government surveillance requests (Cape, Google Fi, and US Mobile), and which don’t (AT&T, Boost Mobile, Charter/Spectrum, Comcast/Xfinity Mobile, T-Mobile, and Verizon).

A handy chart at the bottom of the senator’s press release provides a quick summary.

Wyden’s letter was inspired in part by a Department of Justice inspector general report that revealed that the DOJ had collected phone records of Senate staff as part of leak investigations under the first Trump administration.

But that report wasn’t just about surveillance of the Senate. It also discussed how the DOJ surveilled journalists at The New York Times, The Washington Post, and CNN in 2020-21 as part of leak investigations related to news reporting about the Trump campaign’s connections with Russia and Russia’s interference in the 2016 election.

Investigators demanded telephone records from phone companies for the work and personal phones of journalists at all three outlets. In all three cases, the telephone companies turned over the records, which would have shown the numbers dialed, the date and time of calls, and their duration — information that could reveal the identities of confidential sources.

The telephone companies apparently didn’t notify the Times, Post, or CNN that their records had been sought, even though they legally could have done so. The DOJ also didn’t give the news outlets notice, taking advantage of internal guidelines that allowed them to delay notice to news media companies about legal demands for communications records from third parties in certain circumstances. (The rules for delayed notice from the DOJ remain in effect in the recently revised DOJ news media guidelines.)

According to the inspector general report, DOJ cover letters to the telephone companies asked them not to disclose the demands because the DOJ claimed it might impede the investigation. But the DOJ never sought a court order prohibiting disclosure. One prosecutor told the IG that nondisclosure orders weren’t obtained for the telephone companies “because the providers typically do not notify subscribers when their records are sought.”

That’s a problem, and it’s exactly what Wyden called out in his recent letter. Journalists can’t oppose surveillance that they don’t know about. Notification is what enables journalists (or any other customer) to fight back against overbroad, unwarranted, or illegal demands for their data. That’s exactly what the Times did when Google notified the newspaper of demands for its journalists’ email records in connection with the same leak investigation in which investigators sought phone records from Times journalists.

The Times’ contract with Google required the company to notify the news outlet of government demands. But even contractual agreements might not be enough to compel phone companies to inform their customers when they’re being spied on. Wyden’s letter reveals that “three major phone carriers — AT&T, Verizon, and T-Mobile — failed to establish systems to notify (Senate) offices about surveillance requests, as required by their Senate contracts.”

In addition, even if large news outlets could negotiate contracts with their phone carriers that require notification of surveillance requests when legally allowed, that wouldn’t help their journalists who speak to sources using personal phones that aren’t covered by their employers’ contracts. Freelance journalists are also unlikely to have the power to negotiate notification into their phone contracts.

Rather than one-off contractual agreements then, it would be better for all phone companies to follow the lead of tech companies, like Google, that have a blanket policy of notifying customers of government demands for their data, assuming they’re not gagged. These policies are now widespread in the tech world, thanks to activism by groups like the Electronic Frontier Foundation, which has long monitored tech companies’ notification policies and encouraged them to do better.

Phone companies must do better, too. It’s a shame that some of the largest wireless carriers can’t be bothered to tell their customers when they’re being surveilled. Journalists — and all of us — who care about privacy have a choice to make when selecting their wireless provider: Do they want to know when they’re being spied on, or are they OK with being left in the dark?

freedom.press/issues/phone-com…

Appliances fail, but that doesn’t mean it’s the end for them. This impressive hack from [solopilot] shows the results possible when not just fixing but also improving upon its original form. The toaster’s failed function selector switch presented an opportunity to add smart features to the function selection and refine control over its various settings.

Before upgrading the toaster, [solopilot] first had to access its components, which is no trivial task with many modern appliances. Photos document his process of diving into the toaster, exposing all the internals to enable the upgrade. Once everything was accessible, some reverse engineering was required to understand how the failed function selector controlled the half-dozen devices it was wired to.

Next came the plan for the upgrades—a long list that included precise temperature control and the ability to send an SMS showing the state of your meal. A Raspberry Pi Zero, a solid-state relay, a relay control board, and a thermocouple were added to the toaster, unlocking far more capability and control than it had originally. Some tuning is required to fully enable these new features and to dial in the precision this once run-of-the-mill toaster is now capable of.

The work wasn’t limited to the toaster itself. [solopilot] also seized the opportunity to create an Android app with speech recognition to control his now one-of-a-kind Cuisinart. It’s probably safe to say his TOA-60 is currently the smartest toaster in the world. If you check out his documentation, you’ll find all the pinouts, circuits, code, and logic explanations needed to add serious improvements to your own toaster. We’ve featured several other toaster oven projects over the years, most of which have focused on turning them into reflow ovens, so it’s exciting to see one aimed at improving upon its original design.

hackaday.com/2025/05/28/from-b…

This week Jonathan chats with Ben Meadors and Rob Campbell about the boatload of software Microsoft just released as Open Source! What’s the motivation, why is the new Edit interesting, and what’s up with Copilot? Watch to find out!

• github.com/microsoft/edit
• github.com/microsoft/WSL/issue…
• KDE4 on Windows

youtube.com/embed/JG8If0l05n4?…

Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)

Licensed under Creative Commons: By Attribution 4.0 License

hackaday.com/2025/05/28/floss-…

When you’re hunting for a signal with your oscilloscope, the stronger it is, the better. If it’s weak, you might struggle to tease it out from other interference, or even from the noise floor itself. You might wish that you were looking for something more obvious rather than the electromagnetic equivalent of a needle in a haystack.

Finding hidden signals below the noise floor may be a challenge, but it needn’t be an insurmountable one. James Rowley and Mark Omo came to the 2024 Hackaday Superconference to tell us how to achieve this with the magic of lock-in amplifiers.

Noise

youtube.com/embed/Y9FRTj3uZM0?…

As James explains, you can do lock-in amplification with just about any analog-to-digital converter and DSP that you might have on hand. For example, the oscilloscope you already have in your workshop. “The magic of this technique is taking a noisy signal, just rejecting all the noise, and getting just the part you want—just the signal you’re interested in,” James explains. “It is a very powerful technique for measuring how a signal flows through a system.”

“A lock-in amplifier is a great way… to lock in to those very small signals that can be swamped out by noise and interference, and actually measure signals that are well below the noise floor with a negative signal-to-noise ratio,” says James. “Essentially, what a lock-in amplifier is, is an ultra-narrow bandpass filter.”
A lock-in amplifier is effectively a very strong filter that gets rid of a lot of noise so you can actually find your signal.
In the talk, James uses a simple analogy to explain how this works. He asks the audience to imagine a speaker and a microphone. In this analogy, ideally, the microphone picks up whatever noise the speaker is putting out, but in the real world, there are lots of other noise sources from the environment that can swamp the signal from the speaker itself. However, a lock-in amplifier would be able to reject that other noise, locking in on just the sound from the speaker itself. Lock-in amplifiers apply to all sorts of applications, from picking up extremely sensitive signals from load-cells, to measuring very high or low electrical resistances, and even finding locations of heart catheters during delicate medical operations. Wherever there are tiny important signals that need to be picked up, lock-in amplifiers can probably help.
As with all DSP topics, there is some math involved. Mark explains how the input signal is modulated with a reference signal to help dig out the desired information from the noise.
Mark then walks us through the DSP magic required to actually find signals beneath the noise floor. He explains that by heavily filtering out noise outside the area of interest, it’s possible to effectively increase the signal-to-noise ratio and pick up the desired signal even if it’s quite faint. Traditional filters aren’t quite good enough to reduce the noise by the required amount of 300 times or so, so alternative solutions are needed. To do lock-in amplification, the measured signal is first shifted down to zero hertz, and averaged out over time. It sounds a little funky, but Mark explains the trigonometry and associated math to make it all work for a signal of any given bandwidth. Importantly, though, this technique also needs a reference signal to work, so the amplifier can effectively lock-in on the signal you’re actually looking for.
The practical demonstration involved a microphone trying to pick up a signal from a speaker in a noisy room filled with applause.
The talk then covers the practical—how to build a lock-in amplifier with real hardware. Commercial off-the-shelf options exist, or you could go the discrete analog route—but both are expensive and fussy. Alternatively, you can just use an analog-to-digital converter. “Like the one in your oscilloscope!” notes Mark. He explains how this is set up and how it compares to traditional approaches; basically, it’s more accessible, if not quite as high-performance. You basically end up using one channel as a reference input, while the other channel is hooked up to the signal you’re actually trying to find.

The better the ADC in your oscilloscope, the better it will perform—better bit depth, buffer depth, and sampling rates are all advantageous in this regard. You’re limited by quantization noise and the fact the oscilloscope may not have a particularly low-noise front end, and how much you can average the signal with the oscilloscope’s memory depth, but it’s a workable way to get started with a lock-in amplification setup. As a guide, something like a Rigol DS1054Z has enough memory depth to achieve a 1700x reduction in noise, which helps a great deal when hunting for a signal beneath the typical noise floor. Code to achieve this is available on Github for the curious.

The talk wraps up with a neat demonstration. A microphone and speaker are set up at a set distance of 8.5 cm, at which point the signal should show a 90-degree change in phase based on the signal being fed through the system. Mark and James show how their system is able to accurately measure the phase shift in the desired signal even in a loud room with a full crowd applauding while the demo runs.

If you regularly find yourself struggling to measure dim signals that you know are there, somewhere, you might find these techniques highly useful. This talk serves as a great primer for this very useful DSP technique.

hackaday.com/2025/05/28/superc…

In 2025 we are spoiled for choice when it comes to displays, with affordable LCDs, OLEDs, TFTs, and e-ink panels of all sizes only a few clicks away. But in decades past, such exotica were not on the menu for casual construction. Instead there were a range of LED seven segment displays which have now largely passed out of use.

Among them were HP’s bubble displays, assemblies of miniature LEDs on a PCB, topped with plastic bubble lenses. If you had a calculator in the 1970s it probably had one, but in the present, [Joshua Coleman] has incorporated one into a pleasingly retro digital clock.

Inside the 3D printed case is an ESP32 with a pair of 74HC595 shift registers to drive the display, and an 18650 battery with all associated charging and protection circuitry. It’s a surprisingly simple circuit, and the code is provided on the page. He makes an apology to non-Americans for his use of US date formats, but we think few readers will be unable to change it to reflect the only date format which really matters.

If you find a bubble display, hang on to it. They’re certainly something we’ve seen before here a few times.

hackaday.com/2025/05/28/bubble…

Un post pubblicato un’ora fa su un noto forum underground ha attirato l’attenzione degli osservatori della sicurezza informatica: un utente con lo pseudonimo “elpatron85” ha messo in vendita un presunto archivio di email appartenenti al Vicepresidente del Consiglio e Ministro delle Infrastrutture italiano, Matteo Salvini.

Disclaimer: Questo rapporto include screenshot e/o testo tratti da fonti pubblicamente accessibili. Le informazioni fornite hanno esclusivamente finalità di intelligence sulle minacce e di sensibilizzazione sui rischi di cybersecurity. Red Hot Cyber condanna qualsiasi accesso non autorizzato, diffusione impropria o utilizzo illecito di tali dati. Al momento, non è possibile verificare in modo indipendente l’autenticità delle informazioni riportate, poiché l’organizzazione coinvolta non ha ancora rilasciato un comunicato ufficiale sul proprio sito web. Di conseguenza, questo articolo deve essere considerato esclusivamente a scopo informativo e di intelligence.

Il post, pubblicato circa un’ora fa nella sezione dedicata alla compravendita di dati sensibili, propone il pacchetto denominato “Salvini emails”, descritto come contenente “migliaia di email dal fascista Vicepremier italiano Matteo Salvini e dal partito Noi con Salvini”. Il presunto archivio, secondo quanto riportato dall’autore, avrebbe una dimensione complessiva di 5 GB e viene venduto al prezzo di 250 dollari.

L’utente fornisce anche un contatto Telegram invitando eventuali acquirenti a scrivergli per finalizzare la transazione. Il profilo di “elpatron85” risulta essere stato creato a maggio 2025, con 19 thread e 34 post all’attivo, e fa parte del gruppo “DarkForums Members”.

La legittimità del contenuto non è attualmente verificabile, ma il caso potrebbe rappresentare una potenziale violazione della sicurezza informatica e della privacy del vicepresidente, qualora si rivelasse autentico. Non è chiaro se le autorità italiane siano già a conoscenza della pubblicazione, né se siano state avviate indagini.

Contesto e rischi

La vendita di email rubate o compromesse su forum del dark webnon è un fenomeno nuovo. Tuttavia, quando ad essere coinvolti sono esponenti di primo piano della politica di uno Stato membro dell’Unione Europea, come nel caso di Matteo Salvini, le implicazioni si fanno rapidamente geopolitiche.

Tali informazioni, infatti, potrebbero contenere dati sensibili, strategie politiche, o addirittura elementi utilizzabili per ricatti o campagne di disinformazione.

Va inoltre considerato che non è possibile stabilire con certezza, al momento, se ci troviamo di fronte a un tentativo di truffa (SCAM), oppure se si tratti di una mossa orchestrata per fare propaganda contro Salvini, sfruttando la leva della cybersicurezza per alimentare tensioni o screditare l’avversario politico.

Questo episodio sottolinea ancora una volta l’importanza della sicurezza informatica nei confronti delle istituzioni pubbliche e dei rappresentanti politici. Sarà ora fondamentale capire se i dati in questione siano autentici, come siano stati ottenuti e quali siano le possibili ripercussioni, sia a livello nazionale che internazionale.

L'articolo Matteo Salvini è stato hackerato? Un criminale mette in vendita le sue email per 250 dollari proviene da il blog della sicurezza informatica.

Secondo Francisco Jeronimo, vicepresidente dei dispositivi EMEA presso IDC, intervenendo a una conferenza TED, acquistare gadget ricondizionati può rappresentare un passo importante verso un consumo più sostenibile e una riduzione dei danni causati dai rifiuti elettronici.

Secondo lui , nel 2022 sono state prodotte in tutto il mondo 62 milioni di tonnellate di rifiuti elettronici. In media, ogni persona ha scartato 11,2 chilogrammi di dispositivi elettronici. Tuttavia, la responsabilità della portata del problema non può essere attribuita esclusivamente ai produttori e ai governi. Come ha osservato l’analista, ogni utente ha il suo “super modo” per influenzare la situazione, ovvero prolungando la durata di vita delle apparecchiature e scegliendo dispositivi ricondizionati invece di quelli nuovi.

“Diamo sempre più la colpa alle aziende e ai marchi”, afferma Jeronimo, “ma in realtà abbiamo il potere di cambiare le regole del gioco. Ogni volta che rinunciamo a un nuovo acquisto a favore di apparecchiature ricondizionate, votiamo per un modello economico più sostenibile“.

Jeronimo ha ricordato che la cosiddetta economia circolare richiede di ripensare non solo la produzione, ma anche i consumi. Ad esempio, secondo i calcoli dell’Ufficio europeo dell’ambiente, se i cittadini dell’UE prolungassero di almeno un anno la durata di vita di lavatrici, computer portatili, aspirapolvere e smartphone, le emissioni di anidride carbonica si ridurrebbero di 4 milioni di tonnellate all’anno.

Ha anche paragonato il mercato dell’elettronica ricondizionata al fiorente mercato dell’abbigliamento di seconda mano, la cui popolarità sta crescendo grazie a piattaforme come Vinted ed eBay. Ma con la tecnologia, tutto è ancora diverso, nonostante ci siano 62 milioni di motivi per cambiarlo.

“Al primo segno di un problema corriamo ancora al negozio per comprare un nuovo telefono“, ha osservato Geronimo. “Sebbene abbiamo già delle opzioni: riparare il dispositivo o acquistare un gadget ricondizionato certificato e garantito.”

Gli esperti affermano che se ogni prodotto durasse un anno in più, sarebbe come togliere dalle strade 2 milioni di auto ogni anno. Tuttavia, non tutti i produttori sono pronti a rendere le riparazioni semplici e convenienti. Secondo uno studio dell’organizzazione statunitense PIRG, nel 2024-2025 gli otto maggiori marchi di laptop mostreranno scarsi miglioramenti in termini di riparabilità. Apple e Dell hanno fatto qualche progresso in questa direzione, ma nel complesso la situazione resta difficile.

Tuttavia, il mercato dei dispositivi ricondizionati continua a crescere. Nel 2023, le spedizioni globali di smartphone ricondizionati sono aumentate del 9,5%, raggiungendo i 309 milioni di unità. A titolo di paragone, nello stesso periodo le vendite di nuovi dispositivi sono diminuite del 3,2%.

Nel marzo 2024, uno studio delle Nazioni Unite ha rilevato che i volumi di rifiuti elettronici stavano crescendo quasi cinque volte più velocemente del riciclaggio. Dei 62 milioni di tonnellate di rifiuti generati nel 2022, solo 13,8 milioni di tonnellate sono state ufficialmente raccolte e riciclate. Nel frattempo, oltre al danno ambientale, i rifiuti elettronici causano anche ingenti perdite economiche: fino a 78 miliardi di dollari in costi esterni, più 10 miliardi di dollari in costi di smaltimento. Ma i potenziali benefici di un corretto riciclaggio potrebbero raggiungere i 51 miliardi di dollari, includendo il recupero di materiali come oro, rame e ferro, nonché la riduzione delle emissioni di gas serra.

Il significato è semplice: più a lungo funziona il dispositivo, meno danni provoca. E scegliere il ricondizionato non è solo un consumo intelligente, ma ha anche un impatto reale sul settore.

L'articolo 62 milioni di tonnellate di rifiuti elettronici: la soluzione è nel tuo prossimo acquisto proviene da il blog della sicurezza informatica.

Near my childhood home was a small river. It wasn’t much more than a creek at the best of times, and in dry summers it would sometimes almost dry up completely. But snowmelt revived it each Spring, and the remains of tropical storms in late Summer and early Fall often transformed it into a raging torrent if only briefly before the flood waters receded and the river returned to its lazy ways.

Other than to those of us who used it as a playground, the river seemed of little consequence. But it did matter enough that a mile or so downstream was some sort of instrumentation, obviously meant to monitor the river. It was — and still is — visible from the road, a tall corrugated pipe standing next to the river, topped with a box bearing the logo of the US Geological Survey. On occasion, someone would visit and open the box to do mysterious things, which suggested the river was interesting beyond our fishing and adventuring needs.

Although I learned quite early that this device was a streamgage, and that it was part of a large network of monitoring instruments the USGS used to monitor the nation’s waterways, it wasn’t until quite recently — OK, this week — that I learned how streamgages work, or how extensive the network is. A lot of effort goes into installing and maintaining this far-flung network, and it’s worth looking at how these instruments work and their impact on everyday life.

Inventing Hydrography

First, to address the elephant in the room, “gage” is a rarely used but accepted alternative spelling of “gauge.” In general, gage tends to be used in technical contexts, which certainly seems to be the case here, as opposed to a non-technical context such as “A gauge of public opinion.” Moreover, the USGS itself uses that spelling, for interesting historical reasons that they’ve apparently had to address often enough that they wrote an FAQ on the subject. So I’ll stick with the USGS terminology in this article, even if I really don’t like it that much.

With that out of the way, the USGS has a long history of monitoring the nation’s rivers. The first streamgaging station was established in 1889 along the Rio Grande River at a railroad station in Embudo, New Mexico. Measurements were entirely manual in those days, performed by crews trained on-site in the nascent field of hydrography. Many of the tools and methods that would be used through the rest of the 19th century to measure the flow of rivers throughout the West and later the rest of the nation were invented at Embudo.

Then as now, river monitoring boils down to one critical measurement: discharge rate, or the volume of water passing a certain point in a fixed amount of time. In the US, discharge rate is measured in cubic feet per second, or cfs. The range over which discharge rate is measured can be huge, from streams that trickle a few dozen cubic feet of water every second to the over one million cfs discharge routinely measured at the mouth of the mighty Mississippi each Spring.

Measurements over such a wide dynamic range would seem to be an engineering challenge, but hydrographers have simplified the problem by cheating a little. While volumetric flow in a closed container like a pipe is relatively easy — flowmeters using paddlewheels or turbines are commonly used for such a task — direct measurement of flow rates in natural watercourses is much harder, especially in navigable rivers where such measuring instruments would pose a hazard to navigation. Instead, the USGS calculates the discharge rate indirectly using stream height, often referred to as flood stage.

Beside Still Waters

Schematic of a USGS stilling well. The water level in the well tracks the height of the stream, with a bit of lag. The height of the water column in the well is easier to read than the surface of the river. Source: USGS, public domain.
The height of a river at any given point is much easier to measure, with the bonus that the tools used for this task lend themselves to continuous measurements. Stream height is the primary data point of each streamgage in the USGS network, which uses several different techniques based on the specific requirements of each site.
A float-tape gage, with a counterweighted float attached to an encoder by a stainless steel tape. The encoder sends the height of the water column in the stilling well to the data logger. Source: USGS, public domain.
The most common is based on a stilling well. Stilling wells are vertical shafts dug into the bank adjacent to a river. The well is generally large enough for a technician to enter, and is typically lined with either concrete or steel conduit, such as the streamgage described earlier. The bottom of the shaft, which is also lined with an impervious material such as concrete, lies below the bottom of the river bed, while the height of the well is determined by the highest expected flood stage for the river. The lumen of the well is connected to the river via a pair of pipes, which terminate in the water above the surface of the riverbed. Water fills the well via these input pipes, with the level inside the well matching the level of the water in the river.

As the name implies, the stilling well performs the important job of damping any turbulence in the river, allowing for a stable column of water whose height can be easily measured. Most stilling wells measure the height of the water column with a float connected to a shaft encoder by a counterweighted stainless steel tape. Other stilling wells are measured using ultrasonic transducers, radar, or even lidar scanners located in the instrument shelter on the top of the well, which translate time-of-flight to the height of the water column.

While stilling well gages are cheap and effective, they are not without their problems. Chief among these is dealing with silt and debris. Even though intakes are placed above the bottom of the river, silt enters the stilling well and settles into the sump. This necessitates frequent maintenance, usually by flushing the sump and the intake lines using water from a flushing tank located within the stilling well. In rivers with a particularly high silt load, there may be a silt trap between the intakes and the stilling well. Essentially a concrete box with a series of vertical baffles, the silt trap allows silt to settle out of the river water before it enters the stilling well, and must be cleaned out periodically.

Bubbles, Bubbles

Bubble gages often live on pilings or other structures within the watercourse.
Making up for some of the deficiencies of the stilling well is the bubble gage, which measures river stage using gas pressure. A bubble gage typically consists of a small air pump or gas cylinders inside the instrument shelter, plumbed to a pipe that comes out below the surface of the river. As with stilling wells, the tube is fixed at a known point relative to a datum, which is the reference height for that station. The end of the pipe in the water has an orifice of known size, while the supply side has regulators and valves to control the flow of gas. River stage can be measured by sensing the gas pressure in the system, which will increase as the water column above the orifice gets higher.

Bubble gages have a distinct advantage over stilling wells in rivers with a high silt load, since the positive pressure through the orifice tends to keep silt out of the works. However, bubble gages tend to need a steady supply of electricity to power their air pump continuously, or for gages using bottled gas, frequent site visits for replenishment. Also, the pipe run to the orifice needs to be kept fairly short, meaning that bubble gage instrument shelters are often located on pilings within the river course or on bridge abutments, which can make maintenance tricky and pose a hazard to navigation.

While bubble gages and stilling wells are the two main types of gaging stations for fixed installations, the USGS also maintains a selection of temporary gaging instruments for tactical use, often for response to natural disasters. These Rapid Deployment Gages (RDGs) are compact units designed to affix to the rail of a bridge or some other structure across the river. Most RDGs use radar to sense the water level, but some use sonar.

Go With the Flow

No matter what method is used to determine the stage of a river, calculating the discharge rate is the next step. To do that, hydrographers have to head to the field and make flow measurements. By measuring the flow rates at intervals across the river, preferably as close as possible to the gaging station, the total flow through the channel at that point can be estimated, and a calibration curve relating flow rate to stage can be developed. The discharge rate can then be estimated from just the stage reading.

Flow readings are taken using a variety of tools, depending on the size of the river and the speed of the current. Current meters with bucket wheels can be lowered into a river on a pole; the flow rotates the bucket wheel and closes electrical contacts that can be counted on an electromagnetic totalizer. More recently, Acoustic Doppler Current Profilers (ADCPs) have come into use. These use ultrasound to measure the velocity of particulates in the water by their Doppler shift.

Crews can survey the entire width of a small stream by wading, from boats, or by making measurements from a convenient bridge. In some remote locations where the river is especially swift, the USGS may erect a cableway across the river, so that measurements can be taken at intervals from a cable car.
Nice work if you can get it. USGS crew making flow measurements from a cableway over the American River in California using an Acoustic Doppler Current Profiler. Source: USGS, public domain.

From Paper to Satellites

In the earliest days of streamgaging, recording data was strictly a pen-on-paper process. Station log books were updated by hydrographers for every observation, with results transmitted by mail or telegraph. Later, stations were equipped with paper chart recorders using a long-duration clockwork mechanism. The pen on the chart recorder was mechanically linked to the float in a stilling well, deflecting it as the river stage changed and leaving a record on the chart. Electrical chart recorders came next, with the position of the pen changing based on the voltage through a potentiometer linked to the float.

Chart recorders, while reliable, have the twin disadvantages of needing a site visit to retrieve the data and requiring a tedious manual transcription of the chart data to tabular form. To solve the latter problem, analog-digital recorders (ADRs) were introduced in the 1960s. These recorded stage data on paper tape as four binary-coded decimal (BCD) digits. The time of each stage reading was inferred from its position on the tape, given a known starting time and reading interval. Tapes still had to be retrieved from each station, but at least reading the data back at the office could be automated with a paper tape reader.

In the 1980s and 1990s, gaging stations were upgraded to electronic data loggers, with small solar panels and batteries where grid power wasn’t available. Data was stored locally in the logger between maintenance visits by a hydrographer, who would download the data. Alternately, gaging stations located close to public rights of way sometimes had leased telephone lines for transmitting data at intervals via modem. Later, gaging stations started sprouting cross-polarized Yagi antennas, aimed at one of the Geostationary Operational Environmental Satellites (GOES). Initially, gaging stations used one of the GOES low data rate telemetry channels with a 100 to 300 bps connection. This gave hydrologists near-real-time access to gaging data for the first time. Since 2013, all stations have been upgraded to a high data rate channel that allows up to 1,200 bps telemetry.

Currently, gage data is collected every 15 minutes normally, although the interval can be increased to every 5 minutes at times of peak flow. Data is buffered locally before a GOES uplink, which is about every hour or so, or as often as every 15 minutes in peak flow or emergencies. The uplink frequencies and intervals are very well documented on the USGS site, so you can easily pick them up with an SDR, and you can see if the creek is rising from the comfort of your own shack.

youtube.com/embed/9QEacN9hWoI?…

hackaday.com/2025/05/28/remote…

Vieni a scoprire come vivevano la montagna i primi escursionisti.

Un viaggio nel passato all’interno del Parco Regionale dei Monti Simbruini tra faggete lussureggianti e panoramiche vedute.

Andremo alla conquista della vetta di Monte Autore (1885m), un autentico balcone naturale in grado di regalarci una visuale unica sulle vette al confine tra Lazio e Abruzzo.

Cammineremo lungo itinerari noti sin dall’epoca del Grand Tour per la natura selvaggia, il folklore e le tradizioni.

Ripercorreremo le orme dei nostri illustri predecessori, artisti ed escursionisti dei secoli passati, giunti fin qui alla ricerca del sublime e della bellezza

E' l'occasione ideale per vivere in buona compagnia una splendida Domenica in natura.

Non aspettare! Vieni con noi!

Iscrizioni aperte fino a Venerdì 13 Giugno 2025 ore 20:00

Clicca qui PER INFO COMPLETE ed ISCRIZIONE OBBLIGATORIA